nf_reinject() and ip_queue -- hmm...
James Morris
jmorris@intercode.com.au
Mon, 17 Jul 2000 21:12:27 +1000 (EST)
On Sun, 16 Jul 2000, Alexander Demenshin wrote:
> Hello folks,
>
> So I've found another problem... So far only description - will dig
> in later...
>
> In case of (I assume clean tables):
>
> iptables -A INPUT -d 127.1.1.1 -j QUEUE
> iptables -A OUTPUT -d 127.1.1.1 -j QUEUE
> iptables -t mangle -A OUTPUT -d 127.1.1.1 -j QUEUE
>
> Then:
>
> ping -c1 127.1.1.1
>
Please try the patch below.
- James
--
James Morris
<jmorris@intercode.com.au>
diff -urN linux-2.4.0-test5-pre1.orig/net/core/netfilter.c linux/net/core/netfilter.c
--- linux-2.4.0-test5-pre1.orig/net/core/netfilter.c Mon Jul 17 01:21:14 2000
+++ linux/net/core/netfilter.c Mon Jul 17 20:17:48 2000
@@ -521,6 +521,7 @@
case NF_QUEUE:
nf_queue(skb, elem, info->pf, info->hook,
info->indev, info->outdev, info->okfn);
+ break;
case NF_DROP:
kfree_skb(skb);